Security News
tea.xyz Spam Plagues npm and RubyGems Package Registries
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
cnft-spam-filter
Advanced tools
Readme
An open-source, lightweight, and portable spam classifier for cNFTs on Solana.
Can run anywhere that webassembly runs: on a server, in a lambda function, and even running entirely in your browser.
Also included is the model training code and data, so you can train and bring your own model if the default model is not performing well.
Feature extraction is done with a combination of on-chain data and OCR using the tesseract.js library. Classification is done with naive bayes and a hand-picked set of spam
and ham
cNFTs.
You can try a live (slow + heavily rate limited) example of the library running on AWS Lambda here:
https://api.filtoor.xyz/classify?address=A1xhLVywcq6SeZnmRG1pUzoSWxVMpS6J5ShEbt3smQJr
Try a new cNFT by replacing the address={...}
parameter. The classifier will either spit out "spam" or "ham" (or "error" if something went wrong).
If you'd like to use this API in your production project, please DM me to get set up!
First, install the library:
npm i cnft-spam-filter
then import the requisite function:
const { extractAndClassify } = require("cnft-spam-filter")
or
import { extractAndClassify } from "cnft-spam-filter"
Finally, call the function wherever you want to classify:
const classification = await extractAndClassify(assetId, rpcUrl);
Note that you'll need to bring your own rpcUrl
that supports the DAS
api--I recommend Helius for their generous free plan https://www.helius.dev/.
You can find a few lightweight examples of how to use the library in different environments in the /examples folder of the repository.
cnft-spam-filter
aims to be portable, so you can run it in pretty much any environment that you want.
You can train your own model and pass it to classify(tokens, model)
. Code for this is in the /train folder.
You'll see spam_ids.json
and ham_ids.json
there; these are the cNFTs used to train the model.
You can test the accuracy of a model using the code in the /test folder. Make sure that your training set and test set do not overlap.
If you want to use cnft-spam-filter
in production, we recommend setting up a caching layer so that you don't have to analyze each cNFT multiple times. This should be done at your own app level: you can use redis, a database, localstorage--whatever you want.
Feel free to open pull requests to contribute if you think this is interesting! I will try to get to them as best as I can. There are definitely some tasks that need to be implemented.
All code is released under the MIT license -- go crazy.
Solana asset donations are appreciated but not required by any means:
filtoor.sol
FAQs
a set of useful utils for determining if a cNFT on solana is spam or not
The npm package cnft-spam-filter receives a total of 5 weekly downloads. As such, cnft-spam-filter popularity was classified as not popular.
We found that cnft-spam-filter demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
Tea.xyz, a crypto project aimed at rewarding open source contributions, is once again facing backlash due to an influx of spam packages flooding public package registries.
Security News
As cyber threats become more autonomous, AI-powered defenses are crucial for businesses to stay ahead of attackers who can exploit software vulnerabilities at scale.
Security News
UnitedHealth Group disclosed that the ransomware attack on Change Healthcare compromised protected health information for millions in the U.S., with estimated costs to the company expected to reach $1 billion.